Network Scanner

Network enumeration is a computing activity in which usernames and information on groups, shares, and services of networked computers are retrieved. It should not be confused with network mapping, which only retrieves information about which servers are connected to a specific network and what operating system runs on them. Network enumeration is the discovery of hosts or devices on a network. Network enumeration tends to use overt discovery protocols such as ICMP and SNMP to gather information. It may also scan various ports on remote hosts, looking for well-known services in an attempt to further identify the function of a remote host. The next stage of enumeration is to fingerprint the operating system of the remote host.


Software

A network enumerator or network scanner is a computer program used to retrieve usernames and information on groups, shares, and services of networked computers. This type of program scans networks for vulnerabilities in the security of that network. If there is a vulnerability in the security of the network, it will send a report back to a hacker, who may use this information to exploit that network glitch to gain entry to the network or for other malicious activities. Ethical hackers often also use the information to remove the glitches and strengthen their network. Malicious (or "black-hat") hackers can, on entry to the network, get to security-sensitive information or corrupt the network, making it useless. If this network belonged to a company which used it on a regular basis, the company would lose the ability to send information internally to other departments. Network enumerators are often used by script kiddies for ease of use, as well as by more experienced hackers in cooperation with other programs and manual lookups. Also, whois queries, zone transfers, ping sweeps, and traceroute can be performed.
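A defender-side view of the ping sweeps and port scans described above, as an added example that is not part of the original article: it flags sources in flow records that touch many hosts, or many ports on one host, within a short window. The record layout, thresholds and sample flows are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed flow records (assumed layout): (epoch_seconds, src, dst, proto, dst_port).
# dst_port is None for ICMP echo requests; all addresses are documentation ranges.
SAMPLE_FLOWS = (
    [(1000 + i, "198.51.100.7", f"192.0.2.{i}", "icmp", None) for i in range(1, 41)]
    + [(2000 + p, "198.51.100.9", "192.0.2.10", "tcp", p) for p in range(20, 60)]
    + [(3000, "192.0.2.50", "192.0.2.10", "tcp", 443),
       (3005, "192.0.2.50", "192.0.2.11", "tcp", 443),
       (3010, "192.0.2.50", "192.0.2.10", "tcp", 22)]
)

def detect_enumeration(flows, window=60, host_threshold=20, port_threshold=15):
    """Return {src: set of findings} using a sliding time window per source.

    "host_sweep": >= host_threshold distinct destinations inside `window` seconds
                  (the ping-sweep pattern).
    "port_scan":  >= port_threshold distinct ports on one destination inside
                  `window` seconds (the port-scan pattern).
    """
    by_src = defaultdict(list)
    for rec in sorted(flows, key=lambda r: r[0]):   # order by timestamp only
        by_src[rec[1]].append(rec)

    findings = defaultdict(set)
    for src, recs in by_src.items():
        start = 0
        for end in range(len(recs)):
            # Shrink the window until it spans at most `window` seconds.
            while recs[end][0] - recs[start][0] > window:
                start += 1
            in_window = recs[start:end + 1]
            if len({r[2] for r in in_window}) >= host_threshold:
                findings[src].add("host_sweep")
            ports_per_host = defaultdict(set)
            for r in in_window:
                if r[4] is not None:                # ICMP has no port
                    ports_per_host[r[2]].add(r[4])
            if any(len(p) >= port_threshold for p in ports_per_host.values()):
                findings[src].add("port_scan")
    return dict(findings)

if __name__ == "__main__":
    for src, kinds in sorted(detect_enumeration(SAMPLE_FLOWS).items()):
        print(src, sorted(kinds))
```

A scan paced more slowly than `window` stays under these thresholds, so both the window and the thresholds need tuning against the network's normal traffic.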


List of network enumerators

* Metasploit Project
* Nmap
* Nessus
* OpenVAS
* SAINT (software)
* Security Administrator Tool for Analyzing Networks
* ZMap (software)


See also

* Service scan

